Hi guys,
when deleting a backup, the captcha image is not being shown / loaded. “Reload” doesn’t solve it, it just blocks me for 2 minutes if I press it frequently.
My install is the Docker container duplicati/duplicati:beta from hub.docker.com
Thanks, JAN
Do you see any error messages? Anything in the browser developer tools?
You can disable the captcha with --webservice-disable-visual-captcha=true (also possible with environment variable DUPLICATI__WEBSERVICE_DISABLE_VISUAL_CAPTCHA=true ).
As an aside, we should probably remove it now that there is a mandatory API password.
Sorry I dont know where to look 
No error messages, but please where do I find the developer tools?
It depends on what browser you use. Here are a few different ones described:
The error “500” means the request causes a failure inside the server. For security reason the real error is not reported to the browser, but should be visible in the Docker logs?
so here it is:
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
System.Exception: No usable font found
at Duplicati.WebserverCore.Services.CaptchaService.CaptchaUtil.CreateCaptcha(String answer, Size size, Single fontsize)
at Duplicati.WebserverCore.Services.CaptchaService.GetCaptchaImage(String token)
at Duplicati.WebserverCore.Endpoints.V1.Captcha.<>c.<Map>b__0_0(ICaptchaProvider captchaProvider, IHttpContextAccessor httpContextAccessor, String token, CancellationToken ct)
at lambda_method220(Closure, EndpointFilterInvocationContext)
at Duplicati.WebserverCore.Middlewares.HostnameFilter.InvokeAsync(EndpointFilterInvocationContext context, EndpointFilterDelegate next)
at Duplicati.WebserverCore.Middlewares.LanguageFilter.InvokeAsync(EndpointFilterInvocationContext context, EndpointFilterDelegate next)
at Microsoft.AspNetCore.Http.RequestDelegateFactory.<ExecuteValueTaskOfObject>g__ExecuteAwaited|129_0(ValueTask`1 valueTask, HttpContext httpContext, JsonTypeInfo`1 jsonTypeInfo)
at Duplicati.WebserverCore.Middlewares.WebsocketExtensions.<>c__DisplayClass0_0.<<UseNotifications>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)
In that case there are no fonts at all installed in the image (or at least none that .NET can find).
You can either install a font or use the environment variable:
DUPLICATI__WEBSERVICE_DISABLE_VISUAL_CAPTCHA=true
Merry Christmas!
I will disable the captcha. But this is a bug then, right? (= which can be fixed with the next release / next beta Docker image)
The problem is that the code needs a font to render the Captcha image, but there are no fonts in the Docker image. I guess we could supply a free font with the installation, but I would prefer we remove the captcha instead:
Yes, lets get rid of the captcha.
BUT earlier Docker images had the font with it, and Ive been using this for a year without any errors. So Id say: its a bug in this very release!?
Now I’m worrying whether CLI package lacks font when installed on minimal headless server, however I’m not sure what dependencies are reduced, and what exactly doesn’t get pulled in:
The previous releases required mono, which would pull in a lot of extra packages. I am sure one of those packages also pulled in a few fonts.
The new builds are much leaner and have a minimal dependency footprint, and does not pull in any fonts.
You can make the argument that it is a bug to have a feature that depends on a font and a Docker image that includes no fonts. I would prefer to fix it by removing the captcha code instead of injecting a font package.
That is mostly the same packages, so no fonts are pulled. It only depends on libicu and libssl (various versions supported).
So youre going to remove the captcha thing right in the very next beta release of Duplicati?
I was not about enjoying a bug or winning an argument, just about future users not having to wonder what is bronken when they cannot delete a backup because there is a placeholder instead of a captcha.
Thank you 
I will remove the captcha soon. Not sure about the next beta release, it has been hampered a bit by the problems with the FTP backend update.
EDIT: PR is ready:
1 Like